Well, I guess the title is a little misleading. The LDAP connection is working like a champ. I configured sssd to bind using my own credentials, and that’s working. The searches are successful and return the correct result.

Things I don’t understand:

- sssd performs two LDAP searches for my username, not one.
- Using Wireshark, I don’t even see it trying to bind to AD using the account it finds (twice).
- sssd fails to authenticate me, but the logs seem to indicate to me that everything it tried succeeded.

This is on a VM with a minimal install of Fedora 19. The setup roughly follows https://fedorahosted.org/sssd/wiki/Configuring%20sssd%20to%20authenticate%20with%20a%20Windows%202008%20Domain%20Server with local modifications to enable id mapping. I’m attaching edited versions of sssd.conf, sssd_pam.log, sssd_nss.log, and the output of Wireshark (stupidly named sssd.log.) pam and nss are both at debug level 9.

Does anyone have any suggestions as to what I should try?

Bryce